Advisories » MGASA-2024-0181

Updated golang packages fix security vulnerability

Publication date: 17 May 2024
Modification date: 17 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-24788

Description

A malformed DNS message in response to a query can cause the Lookup
functions to get stuck in an infinite loop. (CVE-2024-24788)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33197
• https://www.openwall.com/lists/oss-security/2024/05/08/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24788

SRPMS

9/core

• golang-1.21.10-1.mga9